Results 1 to 2 of 2
  1. #1
    Untanglit
    Join Date
    Jan 2017
    Posts
    27

    Question Backup WAN - can I point it to a different policy?

    We had a major outage of power and then comcast (caused by the power) and I researched and added a LTE model as a backup WAN. I have both WAN failover and WAN balancer setup with Comcast as the primary and the LTE modem as the backup.

    When the WAN failover to the LTE modem, which is fast, but not for running my whole network. So I want to run in some sort of a deprecated mode with things like SSL, App Control and Web Filter switched off - to allow for a little faster throughput.

    So the question I have - is it possible to setup a new policy and in this deprecated mode, point to that as the default policy? I could not find anything obvious.

    Thanks,
    Amit.

  2. #2
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    24,945

    Default

    Yes, the policy rule is simply destination interface: CELLULAR NIC This rule only fires on traffic leaving the cellular interface.

    Then you target the policy that lacks the modules you want. Assuming WAN Balancer is set to use the cellular for 0% of the traffic, and WAN Failover has appropriate tests to determine down, when the cable drops the cellular gets all the traffic and policy rules apply.

    Normally traffic goes out the cable pipe, and the policy doesn't fire, but as soon as that cellular NIC pops up the emergency rule applies.

    There is one rub, first rule matching wins on policy rules just like anything else. So you'll have to carefully manage those policy rules if you have more, to get the logic straight. You'll probably want this rule up at the top, because if it's matching something has gone wrong.

    P.S. I'd leave Web Filter in the mix, it doesn't slow things down measurably on its own, and without it you're opening a gaping hole in your AV shields. Not to mention wasting a bit more bandwidth on connections that would have been blocked. You might consider blocking the advertisements category, it'll help trim things down considerably but will break some pages. But... the breaks are probably things you don't want users using while you're limping anyway!
    Last edited by sky-knight; 09-02-2020 at 10:30 PM.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2